CVE-2012-2313

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

Published: Jun 13, 2012
Updated: Apr 13, 2023
CVE: CVE-2012-2313
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 1.2
AV:L/AC:H/Au:N/C:N/I:N/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	3.3-rc4	3.3-rc4.x
linux / linux_kernel	3.3-rc5	3.3-rc5.x
linux / linux_kernel	3.3-rc3	3.3-rc3.x
linux / linux_kernel	3.3.2	3.3.2.x
linux / linux_kernel	3.3.3	3.3.3.x
linux / linux_kernel	3.3-rc2	3.3-rc2.x
linux / linux_kernel	-	3.3.6.x
linux / linux_kernel	3.3.4	3.3.4.x
linux / linux_kernel	3.3.5	3.3.5.x
linux / linux_kernel	3.3-rc6	3.3-rc6.x
linux / linux_kernel	3.3-rc1	3.3-rc1.x
linux / linux_kernel	3.3	3.3.x
linux / linux_kernel	3.3-rc7	3.3-rc7.x
linux / linux_kernel	3.3.1	3.3.1.x
novell / suse_linux_enterprise_server	10.0-sp4	10.0-sp4.x
redhat / enterprise_linux	5	5.x
redhat / enterprise_linux_server_aus	6.2	6.2.x
redhat / enterprise_linux_server_eus	6.2.z	6.2.z.x
redhat / enterprise_linux_desktop	5.0	5.0.x
redhat / enterprise_linux_server_eus	6.1.z	6.1.z.x
redhat / enterprise_linux_eus	5.6.z	5.6.z.x
redhat / enterprise_linux_long_life	5.6	5.6.x

Vulnerability Database

289,599

CVE-2012-2313